CVE-2023-31188

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50JPV3230505', Archer C55 firmware versions prior to 'Archer C55JPV1230506', and Archer C20 firmwar...

EUVD-2024-52302

Malicious code in bioql PyPI...

EUVD-2025-21738

Malicious code in bioql PyPI...

EUVD-2024-52303

Malicious code in bioql PyPI...

EUVD-2023-36862

Malicious code in bioql PyPI...

EUVD-2023-12922

Malicious code in bioql PyPI...

TP-Link Archer C50 router is vulnerable to configuration-file decryption

Overview The TP-Link Archer C50 router, which has reached End-of-Life EOL, contains a hardcoded encryption key in its firmware, enabling decryption of sensitive configuration files. This vulnerability allows attackers to trivially access administrative credentials, Wi-Fi passwords, and other...

CVE-2025-6982

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5 USV5260419 or EUV5260317 allows attackers to decrypt the config.xml files...

CVE-2025-6982 Hardcoded DES Decryption Keys in TP-Link Archer C50 V3/V4/V5 and C20 V5

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5 USV5260419 or EUV5260317 allows attackers to decrypt the config.xml files...

CVE-2025-6982

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5...

TP-LINK Archer C50 安全漏洞

TP-LINK Archer C50 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK Archer C50 V3 180703 and earlier, V4 250117 and earlier, and V5 200407 and earlier, which stems from hard-coded credentials and could lead to configuration file decryption...

PT-2025-29877

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C50 versions = 180703 TP-Link Archer C50 versions = 250117 TP-Link Archer C50 versions = 200407 Description: The use of hard-coded credentials allows attackers to decrypt config.xml files. Recommendations: TP-Link Archer C50...

CVE-2024-54126

This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicio...

CVE-2024-54127

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

CVE-2023-32619

Archer C50 firmware versions prior to 'Archer C50JPV3230505' and Archer C55 firmware versions prior to 'Archer C55JPV1230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command...

CVE-2023-30383

TP-LINK Archer C50v2 Archer C50USV2160801, TP-LINK Archer C20v1 ArcherC20V1150707, and TP-LINK Archer C2v1 ArcherC2USV1170228 were discovered to contain a buffer overflow which may lead to a Denial of Service DoS when parsing crafted data...

CVE-2022-33087

A stack overflow in the function DM In fillobjbystr of TP-Link Archer C50&A5;USV5200407 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

The vulnerability in the web interface of the microprogramming software for TP-Link Archer C50 allows a intruder to gain unauthorized access to the credentials of the target Wi-Fi system.

The vulnerability of the web-based management interface for TP-Link Archer C50 wireless routers involves the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the credentials of the target Wi-Fi system...

CVE-2024-54127

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

CVE-2024-54126

This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicio...